use unique hashes when smuggling whitelist setting

author: Wojtek Kosior <wk@koszkonutek-tmp.pl.eu.org> 2021-05-12 17:25:57 +0200
committer: Wojtek Kosior <wk@koszkonutek-tmp.pl.eu.org> 2021-05-12 17:25:57 +0200
commit: 55fb3e4bd833f042a82657cc75e7e4c657402f9e (patch)
tree: c5198bfc075d680629850c7e47f45027581d8707
parent: 9c246cfa2e30c2f7887472084b4ace4ab99b9819 (diff)
download: browser-extension-55fb3e4bd833f042a82657cc75e7e4c657402f9e.tar.gz
browser-extension-55fb3e4bd833f042a82657cc75e7e4c657402f9e.zip
8 files changed, 66 insertions, 8 deletions
diff --git a/TODOS.org b/TODOS.org
index 8c8bcaf..48e3717 100644
--- a/TODOS.org
+++ b/TODOS.org
@@ -17,7 +17,7 @@ TODO:
     settings and settings for pages that currently happen to
     live in iframes
 - add some nice styling to settings page
-- use non-predictable value in place of "myext-allow", utilizing hashes -- CRUCIAL
+- find some way not to require each chrome user to modify manifest.json
 - rename the extension to something good
 - port to gecko-based browsers -- CRUCIAL
 - rename "bundles" to "bags" to avoid confusion with Web Bundles
@@ -40,6 +40,7 @@ TODO:
   to manage imports/exports
 
 DONE:
+- use non-predictable value in place of "myext-allow", utilizing hashes -- DONE 2021-05-12
 - stop using modules (not available on all browsers) -- DONE 2021-05-12
 - clean up the remnants of LibreJS -- DONE 2021-05-12
 - implement whitelisting -- DONE 2021-05-07
diff --git a/background/background.html b/background/background.html
index d453c47..c6621e2 100644
--- a/background/background.html
+++ b/background/background.html
@@ -10,9 +10,10 @@
     <script src="./message_server.js"></script>
     <script src="/common/connection_types.js"></script>
     <script src="./storage_server.js"></script>
-    <script src="./url_item.js"></script>
-    <script src="./sha256.js"></script>
+    <script src="/common/url_item.js"></script>
+    <script src="/common/sha256.js"></script>
     <script src="./page_actions_server.js"></script>
+    <script src="/common/gen_unique.js"></script>
     <script src="./policy_smuggler.js"></script>
     <script src="./main.js"></script>
   </head>
diff --git a/background/policy_smuggler.js b/background/policy_smuggler.js
index 6d0da38..180dcb7 100644
--- a/background/policy_smuggler.js
+++ b/background/policy_smuggler.js
@@ -15,6 +15,7 @@
     const get_storage = window.get_storage;
     const browser = window.browser;
     const url_item = window.url_item;
+    const gen_unique = window.gen_unique;
 
     var storage;
 
@@ -26,12 +27,14 @@
 	let first_target = match[3];
 	let second_target = match[4];
 
-	if (first_target === "#myext-allow") {
+	let url = url_item(request.url);
+	let unique = gen_unique(url);
+
+	if (first_target === unique) {
 	    console.log(["not redirecting"]);
 	    return {cancel : false};
 	}
 
-	let url = url_item(request.url);
 	let settings = storage.get(TYPE_PREFIX.PAGE, url);
 	console.log("got", storage.get(TYPE_PREFIX.PAGE, url), "for", url);
 	if (settings === undefined || !settings.allow)
@@ -40,10 +43,10 @@
 	second_target = (first_target || "") + (second_target || "")
 
 	console.log(["redirecting", request.url,
-		     (base_url + "#myext-allow" + second_target)]);
+		     (base_url + unique + second_target)]);
 
 	return {
-	    redirectUrl : (base_url + "#myext-allow" + second_target)
+	    redirectUrl : (base_url + unique + second_target)
 	};
     }
 
diff --git a/common/gen_unique.js b/common/gen_unique.js
new file mode 100644
index 0000000..920426b
--- /dev/null
+++ b/common/gen_unique.js
@@ -0,0 +1,32 @@
+/**
+* Myext generating unique, per-site hash
+*
+* Copyright (C) 2021 Wojtek Kosior
+*
+* Dual-licensed under:
+*   - 0BSD license
+*   - GPLv3 or (at your option) any later version
+*/
+
+"use strict";
+
+(() => {
+    const sha256 = window.sha256;
+    const browser = window.browser;
+    const is_chrome = window.is_chrome;
+
+    function get_id()
+    {
+	if (is_chrome)
+	    return browser.runtime.getManifest().key.substring(0, 50);
+	else
+	    return browser.runtime.getURL("dummy");
+    }
+
+    function gen_unique(url)
+    {
+	return "#" + sha256(get_id() + url);
+    }
+
+    window.gen_unique = gen_unique;
+})();
diff --git a/background/sha256.js b/common/sha256.js
index 271ec87..271ec87 100644
--- a/background/sha256.js
+++ b/common/sha256.js
diff --git a/background/url_item.js b/common/url_item.js
index 7850871..7850871 100644
--- a/background/url_item.js
+++ b/common/url_item.js
diff --git a/content/main.js b/content/main.js
index 282c7b5..c7f57bb 100644
--- a/content/main.js
+++ b/content/main.js
@@ -12,6 +12,8 @@
 
 (() => {
     const handle_page_actions = window.handle_page_actions;
+    const url_item = window.url_item;
+    const gen_unique = window.gen_unique;
 
     var url_re = /^([^#]*)((#[^#]*)(#.*)?)?$/;
     var match = url_re.exec(document.URL);
@@ -19,9 +21,13 @@
     var first_target = match[3];
     var second_target = match[4];
 
+    // TODO: can be refactored *a little bit* with policy_smuggler.js
+    let url = url_item(document.URL);
+    let unique = gen_unique(url);
+
     var block = true;
     if (first_target !== undefined &&
-	first_target === "#myext-allow") {
+	first_target === unique) {
 	block = false;
 	console.log(["allowing", document.URL]);
 	if (second_target !== undefined)
diff --git a/manifest.json b/manifest.json
index 85dde71..efdcba0 100644
--- a/manifest.json
+++ b/manifest.json
@@ -3,6 +3,18 @@
     "name": "My extension",
     "short_name": "Myext",
     "version": "0.0.0",
+    /*
+      WARNING!!!
+      EACH USER SHOULD REPLACE "key" WITH UNIQUE VALUE!!!
+      OTHERWISE SECURITY CAN BE TRIVIALLY COMPROMISED!
+
+      A unique key can be generated with:
+      $ ssh-keygen -f /path/to/new/key.pem -t rsa -b 1024
+
+      Only relevant to users of chrome-based browsers.
+      Users of FireFox forks are safe.
+    */
+    "key": "b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAlwAAAAdzc2gtcnNhAAAAAwEAAQAAAIEA+0GT5WNmRRo8e5tL9+BmNtY6aBPwLIgbPnLShYBMSR40iYwLTsccrkwBXb3bs1o4p6q5WJugI8Lsia+GXZc/XHGFkq7D1aWiTxlJLs8z0JC2TQ2/yatYmBMchogYGeeUfP7aI7JJZwpATts+VhIvgga/4FYj+DijMIEpwdckqFEAAAII4Dh7HOA4exwAAAAHc3NoLXJzYQAAAIEA+0GT5WNmRRo8e5tL9+BmNtY6aBPwLIgbPnLShYBMSR40iYwLTsccrkwBXb3bs1o4p6q5WJugI8Lsia+GXZc/XHGFkq7D1aWiTxlJLs8z0JC2TQ2/yatYmBMchogYGeeUfP7aI7JJZwpATts+VhIvgga/4FYj+DijMIEpwdckqFEAAAADAQABAAAAgEHB5/MhEKMFOs8e1cMJ97ZiWubiUPlWpcqyQmauLUj1nspg3JTBh8AWJEVkaxuFgU5gYCHQmRjC6yUdywyziOEkFA4r/WpX4WmbIe+GQHRHhitLN0dgF8N6/fVNOoa5StTdfZqyl23pVXyepoDNjrJFKyupqPMmpwfH5lGr9RwBAAAAQG76HflB/5j8P2YgIYX6dQT4Ei0SqiIjNVy7jFJUQDKSJg/PYkedE02JZJBJPcMYxEJUxXtMgq+upamNILfkmY0AAABBAP4v0O5dqjy16xDDFzb4DPNAcw5Za9KJaXKVkUuKXMNZOKTR0RC/upjNTmttY980RKdIx5zA25dO8cx563bSDIsAAABBAP0MaOpBiai/eRmLqhlthHODa+Mur6W3uc9PyhWhgDBjLNMR/doaYeyfVKxtIiN3a+HkN++G+vbokRweQv++bhMAAAANdXJ6QGxvY2FsaG9zdAECAwQFBg==",
     "author": "various",
     "description": "Kill the web&js",
     "applications": {
@@ -52,6 +64,9 @@
 		"common/browser.js",
 		"common/connection_types.js",
 		"content/page_actions.js",
+		"common/url_item.js",
+		"common/sha256.js",
+		"common/gen_unique.js",
 		"content/main.js"
 	    ]
 	}
author	Wojtek Kosior <wk@koszkonutek-tmp.pl.eu.org>	2021-05-12 17:25:57 +0200
committer	Wojtek Kosior <wk@koszkonutek-tmp.pl.eu.org>	2021-05-12 17:25:57 +0200
commit	55fb3e4bd833f042a82657cc75e7e4c657402f9e (patch)
tree	c5198bfc075d680629850c7e47f45027581d8707
parent	9c246cfa2e30c2f7887472084b4ace4ab99b9819 (diff)
download	browser-extension-55fb3e4bd833f042a82657cc75e7e4c657402f9e.tar.gz browser-extension-55fb3e4bd833f042a82657cc75e7e4c657402f9e.zip